ARP Detection Tool Netdiscover
Netdiscover is an active/passive ARP detection tool. This tool is useful on wireless networks that do not use DHCP. Using the Netdiscover tool, you can scan IP addresses on the network, ARP detection tools netdiscover check online hosts, or search for ARP requests sent to them. The following describes how the Netdiscover tool is used. This article is selected from the Kail Linux penetration Test training manual University Bully
First look at the help information for the next Netdiscover tool, and execute the command as follows:
- [Email protected]:~# netdiscover-h
- Netdiscover 0.3-beta7 [active/passive arp Reconnaissance tool]
- Written by:jaime Penalba <[email protected]>
- usage:netdiscover [-I device] [-R range |-L file |-p] [-s time] [-N node] [-C Count] [-f] [-d] [-S] [-p] [-c]
- -I device:your network device
- -R Range:scan a given range instead of auto scan. 192.168.6.0/24,/16,/8
- -L FILE:SCAN the list of ranges contained into the given file
- -P passive mode:do not send anything, only sniff
- -F filter:customize pcap filter expression (default: "ARP")
- -S time:time to sleep between each ARP request (miliseconds)
- -N node:last IP octet used for scanning (from 2 to 253)
- -C Count:number of times to send each ARP Reques (for nets with packet loss)
- -F Enable Fastmode Scan, saves a lot of time, recommended for auto
- -D Ignore home config files for AutoScan and fast mode
- -S enable sleep time supression betwen each request (Hardcore mode)
- ?-P Print results in a format suitable for parsing by another program
- -L in parsable output mode (-p), continue listening after the active scan is completed
- If-r,-l or-p is not enabled, Netdiscover would scan for common LAN addresses.
The output information shows the syntax format of the Netdiscover and the available parameters of this article selected from the Kail Linux penetration Test training manual University bully.
"Instance 3-3" uses the Netdiscover tool to scan all host ARP detection tools netdiscover in the LAN. The execution commands are as follows:
- [Email protected]:~# netdiscover
After executing the above command, the following information is displayed:
- Currently SCANNING:10.7.99.0/8 | Screen View:unique Hosts
- 692 captured ARP req/rep packets, from 3 hosts. Total size:41520
- _____________________________________________________________________________
- IP at Mac Address Count Len mac Vendor
- --------------------------------------------------------------------------------------------------------------- ----------------
- 192.168.6.102 00:e0:1c:3c:18:79 296 17760 Cradlepoint, Inc.
- 192.168.6.1 14:e6:e4:ac:fb:20 387 23220 Unknown Vendor
- 192.168.6.110 00:0C:29:2E:2B:02 540 VMware, Inc.
From the output information, you can see the scan to three hosts this article selected from Kail Linux penetration Test Training manual University pa ARP Detection Tool netdiscover.
ARP Detection Tool Netdiscover